System for detection of money laundering

ABSTRACT

A system for the detection of money laundering activities involving casino slot machines and Video Lottery Terminals (collectively “VLTs/Slot Machines”) using flash memory cards inserted individually at each participating VLT/Slot Machine. The flash memory deploys individual copies of security software that monitors cash in/plays/and cash out on all connected VLTs/Slot Machines. The security software contains an artificial intelligence module that flags “suspicious activity” at all connected VLTs/Slot Machines and keeps an audit trail. The security software will disable/track TITO serial numbers/barcodes of all TITOs printed from VLTs in “silent alarm mode”. TITO serial numbers/barcodes printed in “alarm mode” need to be redeemed at the cashier&#39;s cage and will not work in an automated redemption kiosk or Ticket Redemption Unit, and the cashiers are forewarned to require positive identification and complete a Suspicious Activity Report (SARC).

CROSS-REFERENCE TO RELATED APPLICATION(S)

The present application derives priority from U.S. provisionalapplication Ser. No. 63/049,412 filed 8 Jul. 2020.

BACKGROUND a. Field of Invention

The invention relates to the detection of money laundering activities incasino networks. More particularly, the present disclosure relatesautomated money laundering detection, notification, and reportingtechniques implemented in slot machines by casino gaming networks.

b. Background of the Invention

Casinos and card clubs are prone to illicit money laundering activities.In the US, licensed gaming establishments with gross annual gamingrevenue greater than $1M are subject to the Bank Secrecy Act at 31 USC5311 et seq, and held to FinCEN's (Financial Crimes Enforcement Network)anti-money laundering regulations under at 31 CFR § 1021 et seq. 31 CFR§ 1021.320 requires many casinos and card Currency clubs to reportsuspicious transactions conducted or attempted by, at or through thegaming establishment. Such casinos and card clubs may thus be requiredto report suspicious transactions on FinCEN Form 102, the SuspiciousActivity Report by Casinos and Card Clubs (herein referred to as“SARC”). Casinos subject to FinCEN regulations may also be required tosubmit Transaction Report by Casinos (CTRC) filings on cash transactionsexceeding $10,000. Compliance with FinCEN's regulations is overseen bythe Internal Revenue Service (IRS) and deficiencies often result insignificant civil penalties and sanctions.

Inside the casinos, transactions take place at the “cashier's cage” orcasino bank, at the table games where customers can buy chips/tokensdirectly, at automated redemption kiosks where customers can redeem“Ticket in Ticket Out” vouchers (TITO), and at slot machines. Existinganti-money laundering programs typically enlist the help of floormanagers and slots managers for detecting and reporting suspicioustransactions and for assisting with the identification and reporting ofsuspicious transactions. This is easier with floor games where managersinterface directly with the customers. It is much more difficult forslots managers where a single person may be responsible for thousands ofslot machines and monitoring is via cameras.

In slot machines specifically, FinCEN has stated that “when a casino hasknowledge of customer paper money transactions for slot clubaccountholders identified through its slot monitoring system, it mustaggregate these with other types of “cash in” transactions of which thecasino has knowledge and which are recorded on a casino's books andrecords to determine whether the currency transactions exceed $10,000for a customer in a gaming day. When a casino has knowledge of multiplecurrency transactions conducted by or on behalf of the same customer onthe same day, it is required to treat those multiple transactions as asingle reportable transaction for purposes of determining whethercurrency transaction reporting requirements have been met. This impliesthat casinos must aggregate transactions not just involving insertion ofbills into slot machines, but also other categories of transactions suchas TITO voucher redemptions. If a criminal wants to launder moneyutilizing slot machines, they will typically visit numerous slotmachines over a short time period, insert substantial cash at each, playfor a brief time and cash out. They ultimately hold a handful of TITOvouchers which can be taken to an automated redemption kiosk to convertto laundered cash. This is extremely difficult to monitor. There havebeen efforts to automate the monitoring. For example, United StatesPatent Application 20170309121 by Chun et al. published Oct. 26, 2017shows an automated money laundering detection, notification, andreporting process for casino gaming networks that analyzes financialtransactions using a cash or credit voucher occurring at casinoestablishments to determine if they are classifiable as suspect moneylaundering activity. If so, the system begins to track the real-timelocation of the cash or credit voucher in the casino over a subsequenttime interval. The problem with this is that credit vouchers are validfor at least thirty (30) days from receipt, and the launderer willtypically leave and return twenty-nine days later for the cash. In somegaming jurisdictions this redemption timeframe can be as long as onehundred and eighty days (180). The casino cannot track the creditvoucher to a launderer's home, and upon return all video footage (whichis typically archived after a fifteen-day interval depending on thegaming jurisdiction) has been deleted. If no actual human/individual ispresent to observe the activity and deem it suspicious then thelikelihood of the activity either not being discovered or beingdiscovered too late increases. Moreover, “unaudited/unrequested” camerafootage in a casino is usually only archived for fifteen days. If asurveillance officer has no real-time suspicion and fails to immediatelyobserve an individual who is suspected of suspicious activity, theability of the surveillance department to identify that individualbecomes more difficult with each passing day.

What is needed is a system for the detection of money launderingactivities involving casino slot machines.

SUMMARY OF THE INVENTION

An object of this invention is therefore to overcome the foregoinginconveniences by providing a system for the detection of moneylaundering activities involving casino slot machines and Video LotteryTerminals (collectively “VLTs/Slot Machines”). The present system isdeployed by “flash memory” cards inserted individually at eachparticipating VLT/Slot Machine. The flash memory deploys individualcopies of security software that monitors cash in/plays/and cash out onall connected VLTs/Slot Machines. The security software contains anartificial intelligence module that correlates an individual'stransactions, monitors critical parameters of their play using adeclining/accumulating point system with critical-point thresholds, andauto-initiates a silent “alarm mode” when certain such thresholds areexceeded (silent alarm mode herein being defined as an alarm state thatdoes not generate an audible or noticeable alarm to the public). Thesesilent alarm thresholds are calculated to flag “suspicious activity” atall connected VLTs/Slot Machines without inculpating innocent activity.The system maintains an audit trail throughout the process. The securitysoftware will disable/track TITO voucher serial numbers/barcodes of allTITO vouchers printed from VLTs in silent alarm mode. TITO voucherserial numbers/barcodes printed in silent alarm mode need to be redeemedat the cashier's cage and will not work in an automated redemption kioskor Ticket Redemption Unit (TRU). TITO voucher serial numbers/barcodesprinted in silent alarm mode and presented at the cashier's cage willrequire positive identification, and the completion of a SuspiciousActivity Report (SARC) of the individual presenting the TITO voucherprior to redemption authorization.

BRIEF DESCRIPTION OF THE DRAWINGS

Additional aspects of the present invention will become evident uponreviewing the embodiments described in the specification and the claimstaken in conjunction with the accompanying figures, wherein likenumerals designate like elements, and wherein:

FIG. 1 is a perspective view illustrating a distributed network system.

FIG. 2 is a block diagram illustrating the stepwise sequence ofoperation of the present process.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT

The present invention is a system for the detection of money launderingactivities involving casino slot machines and Video Lottery Terminals(collectively “VLTs/Slot Machines”). The present system is deployed overa communication network managed by a back-end Application ServiceProvider (ASP) system. The ASP provides Software as a Service (SaaS) toparticipating casinos. Each casino's VLT/Slot Machines are typicallythird-party devices that run third party software, but in accordancewith the present invention the ASP provides VLT/client securitysoftware, e.g., a thin client front end that integrates with the thirdparty VLT/Slot Machine software, and in turn maintains communication tothe casino security network. The VLT/client security software maintainsa running transaction log which includes a time-stamped record of eachtransaction occurring at a given terminal and a time-stamped digitalimage of each player responsible for those transactions. The VLT/clientsecurity software is deployed by “flash memory” cards insertedindividually at each participating VLT/Slot Machine, and the VLT/clientsecurity software links all terminals to the ASP SaaS software.

For present purposes “flash memory” is herein defined as any solid-statenon-volatile computer memory storage medium with an integralinput/output port by which it can be electrically erased andreprogrammed.

Examples of various VLT/Slot transactions include, but are not limitedto, cash in transactions; cash out transactions; wagering transactions;and Ticket-in ticket-out (TITO) transactions.

The ASP SaaS software continuously analyzes the transaction logs sent bythe VLT/client security software from all connected VLT/Slot Machines inaccordance with the following sequence of steps:

-   -   1. Assign a unique identifier to each captured facial image;    -   2. Correlate transactions occurring at a specific terminal to        individual identifiers based on timestamps;    -   3. Correlate transactions by the same individual at different        terminals based on timestamps and facial recognition (players        are never identified but matching records are designated with a        unique player identifier linking them to the same player);    -   4. deploy an artificial intelligence module in real-time to        analyze each new series of transactions by a given individual,        and monitor critical parameters in accordance with a        declining/accumulating point system;    -   5. based on an individual critical-point thresholds        auto-initiates a silent “alarm mode” at a particular VLT/slot        terminal when certain such thresholds are exceeded.

Based on these silent alarm thresholds the ASP SaaS software flags“suspicious activity” attributable to an individual's play over timeacross multiple terminal yet activates the silent alarm mode at just oneactive VLT/slot terminal without inculpating innocent activity. If andwhen the ASP SaaS software detects a transaction or series oftransactions that may qualify as suspicious activity it triggers silentalarm mode by sending an alarm message to the active VLT/slot terminalupon which the identified player is currently playing, as well as to thecasino security network.

Upon receipt of the silent alarm message by the ASP SaaS software, theASP SaaS software sets a flag on the TITO voucher serialnumbers/barcodes of all TITO vouchers printed from the VLT/slots insilent alarm mode. The ASP SaaS software maintains a blacklist of allsuch designated TITO vouchers printed from VLT/slots in silent alarmmode and communicates the current list to the casino security networkand to all connected automated redemption kiosk and Ticket RedemptionUnits. Automated redemption kiosk and Ticket Redemption Units (TRUs) aretypically third-party devices that run third party software, but inaccordance with the present invention that third-party software isintegrated by a thin client front end with the ASP SaaS software, whichin turn maintains communication to the casino security network. The TRUclient application enforces the ASP/casino's transaction profiles andprovides a transaction audit log to the ASP and/or casino securitynetwork's host security software. The “transaction profile” is a recordthat defines options and settings for conducting or completing TRUtransactions or modifying the transactions or parameters relatedgenerally thereto. A transaction profile is associated with a particulartype of transaction (e.g., cash out) and is populated with informationto create a profile record for a particular type of transaction. A“transaction audit log” is a collection of data that collectivelypresents an authenticated record of information associated with a giventransaction. The transaction profile for a cash-out transaction at allTRUs is programmed to deny the cash-out transaction to any blacklistedTITO voucher and instead advise the patron to present the TITO voucherto the cashier's cage for redemption. Each event is recorded in thetransaction audit log as an “audit entry.”

Thus, the flagged TITO voucher serial numbers/barcodes printed in silentalarm mode will have to be redeemed at the cashier's cage and will notwork in any automated redemption kiosk or Ticket Redemption Units.

TITO voucher serial numbers/barcodes printed in silent alarm mode andpresented at the cashier's cage will require positive identification,and the completion of a Suspicious Activity Report (SARC) of theindividual presenting the ticket prior to redemption authorization.

FIG. 1 is a perspective view illustrating a distributed network systeminclusive of the primary casino security network 2 running host securitysoftware 12, the ASP network 50 providing Software as a Service (SaaS)52 to participating casinos. A plurality of VLT/Slots 20 are deployed onthe casino floor for use by patrons 101-103. A corresponding pluralityof flash memory cards 22 are inserted individually at each participatingVLT/Slot Machine 20. The flash memory cards 22 deploy individual copiesof VLT/slot client security software 24 (to be described). A pluralityof TRUs 70 are also deployed on the casino floor for use by patrons101-103, each a third-party device that runs third party software.However, that third party software is integrated to the casino securitynetwork 2 host security software 12 by a thin client front end, an isintegrated to the ASP security network 50 ASP security software 52 by athin client front end.

In the illustrated embodiment the casino security network 2 runs hostsecurity software 12 that maintains the casino's transaction profiles 16and transaction audit logs 18, while the ASP network 50 runs ASPsecurity software 52 responsible for flagging “suspicious activity” atany connected VLTs/Slot Machine 20. One skilled in the art shouldunderstand that the objects can be accomplished if the ASP network 50also maintains the casino's transaction profiles 16 and transactionaudit logs 18. The ASP security software 52 communicates with theVLT/Slot Machines 20 via VLT/Slot client security software 24, and withthe Ticket Redemption Units 70 by a thin client front end incommunication with the ASP security software 70. Similarly, the casinosecurity network 2 communicates with the Ticket Redemption Units 70 by athin client front end in communication with the casino host securitysoftware 12. As indicated above the “transaction profile 16 is a recordthat defines options, settings and parameters for conducting orcompleting TRU 70 transactions. In accordance with the invention, thetransaction profile 16 prescribes the maximum cash-out transaction thatcan be completed at the TRU 70, and it flatly prohibits any cash-outtransaction at any TRU 70 of any backlisted TITO voucher serialnumbers/barcodes printed while a VLT/Slot Machine was in alarm mode. Thetransaction audit log 18 is a collection of event data associated with agiven transaction. The transaction audit log 18 contains eachtransaction event associated with a given TITO voucher serialnumber/barcode including any entry indicating that the TITO voucher wasprinted in alarm mode. In addition, cage cashiers are employed at thecage and man client cage computers 60 also in communication with thecasino security network 2. Cage cashiers are responsible for exchangingcash for casino chips/tokens, and vice versa.

FIG. 2 is a block diagram illustrating the stepwise sequence ofoperation of the present process.

At step 110 flash memory cards 22 are inserted individually at eachparticipating VLT/Slot Machine 20.

At step 112 each flash memory card 22 deploys its copy of ASP clientsecurity software 22 which begins monitoring transactions on thatVLT/Slot Machine 20, including cash in transactions among others. TheASP client security software 22 continuously updates a record oftransactions at ASP network 50 for each VLT/Slot Machine 20, includingtransactions occurring at each specific terminal, transactiontimestamps, digital images of each player at that terminal, and imagetimestamps.

At step 114 the ASP SaaS software 52 continuously analyzes thetransaction logs sent by the VLT/client security software 22 from allconnected VLT/Slot Machines 20 in accordance with the following sequenceof sub steps:

at sub step 114.1 the ASP SaaS software 52 assigns a unique playeridentifier to each captured facial image;

at sub step 114.2 ASP SaaS software 52 correlates transactions occurringat a specific terminal 20 to individual identifiers based on timestamps;

at sub step 114.3 ASP SaaS software 52 correlates transactions by thesame individual at different terminals 20 based on timestamps and facialrecognition (players are never identified but matching records aredesignated with a unique player identifier linking them to the sameplayer);

at sub step 114.4 ASP SaaS software 52 deploys an artificialintelligence module in real-time to analyze each new series oftransactions by a given individual, and to monitor critical parametersin accordance with a declining/accumulating point system. Points areawarded based on elapsed time between the cash-in and cash-outtransactions (playing time), the net difference between cash-in amountand cash-out amount (win/loss value), and the number of bets placed.Thus, in an embodiment, for example, five points are awarded for anyinitial cash-in value in excess of $5000. Ten points are awarded for anyinitial cash-in value in excess of $10,000. One point is awarded foreach block of playing time in excess of five minutes, and one point issubtracted for playing time less than five minutes contingent onwin/loss value equal to the initial bet placed. This way, points awardedfor high cash-in values and/or quick playing times are reduced if thedifference between cash-in amount and cash-out amount indicates that allthe money was lost. In addition, points are reduced for longer playingtimes. The point system allows flagging of suspicious activity, e.g., apatron who after inserting $1000 cash played for only three minutes withminimal gaming then requested a TITO voucher, but reduces the chance ofinnocent gambling behavior being flagged as suspicious.

At sub step 114.5, based on an individual critical-point threshold, ASPSaaS software 52 auto-initiates a silent alarm mode at a particularVLT/slot terminal 20 when certain such thresholds are exceeded.

At step 115 alarm mode is initiated at a particular VLT/slot terminal20. When a cash-out transaction is commenced, the VLT/Slot clientsecurity software 24 prints a TITO voucher serial number/barcodeindicating that the TITO voucher was printed in alarm mode The VLT/Slotclient security software 24 transmits the TITO voucher serialnumber/barcode to the casino security network 2 where it is appended tothe record of blacklisted TITO voucher serial numbers/barcodes ofcash-out transaction profile 16. The number of the VLT/Slot 20 thatflagged the transmitted TITO voucher, as well as the TITO voucher serialnumber/barcode, time and date, and other salient event facts areappended to audit log 18.

Next the patron takes the printed TITO voucher to any Ticket RedemptionUnit 70 and attempts a redemption or “cash-out transaction.”

At step 125 the TRU client application 62 acknowledges the cash-outtransaction request, reads the most recent casino transaction profile 16for the cash-out transaction, and enforces its parameters includingcomparing the blacklisted register of TITO voucher serialnumbers/barcodes printed while a VLT/Slot Machine was in silent alarmmode.

At step 130 if the transaction profile 16 for a cash-out transaction isblacklisted the TRU client application 62 denies the cash-out requestand instead advises the patron to present the TITO voucher to thecashier's cage for redemption. The fifth flag TITO voucher serialnumbers/barcodes printed in “alarm mode” will have to be redeemed at thecashier's cage and will not work in any Ticket Redemption Units.

At step 135 each event is recorded in the transaction audit log 18 as an“audit entry.”

At step 140 the client security software 24 transmits a warning to thecashier cage 60 indicating that a patron possessing a fifth flag TITOvoucher serial number/barcode printed in alarm mode will be approachingfor redemption. The TRU 70 also displays a message to the cashier 104warning them of the upcoming cash-out transaction and instructing themto require positive identification and the completion of a SuspiciousActivity Report (SARC) of the individual presenting the TITO voucherprior to redemption authorization. Any failure of the individual to giveinformation for the SARC would result in the automatic refusal forpayment on the TITO voucher. If no identification is presented within180 days (or governing body's specified redemption period), then thefunds on the TITO voucher would be remitted to the governing body (orprocess set forth by the governing body).

Having now fully set forth the preferred embodiment and certainmodifications of the concept underlying the present invention, variousother embodiments as well as certain variations and modifications of theembodiments shown and described will obviously occur to those skilled inthe art upon becoming familiar with the concept. It is to be understood,therefore, that the invention may be practiced other than asspecifically set forth herein.

We claim:
 1. A system for the detection of money laundering activitieswithin a casino environment including a host casino computer network, acashier client station running cashier client software in communicationwith said host casino computer network, and a plurality of gamblingterminals each running VLT client software in communication with saidhost casino computer network, the system comprising: an applicationservice provider (ASP) running ASP security software, said ASPmaintaining a database comprising a plurality of predeterminedtransaction types each associated with a predetermined transactionprofile associated with that transaction type; and a plurality of flashmemory cards each configured for insertion in a corresponding gamblingterminal and each containing security software comprising executableprogram code for carrying out the steps of, identifying a transaction onone of said gambling terminals by predetermined transaction type;applying a predetermined ruleset configured for determining whether thetransaction on one of said gambling terminals complies with thetransaction profile associated with the identified transaction type, anddetermining that the transaction does not comply; setting a flagindicating suspicious activity; printing a voucher having a uniqueidentifier, and transmitting that unique identifier to said host casinonetwork security software; whereby said host casino network securitysoftware prevents cash-out transactions to said voucher based on saididentifier and transmits an alert to said cashier client stations torequire positive identification and complete a suspicious activityreport (SARC).
 2. The system of claim 1, wherein said security softwarecarries out the additional steps of, capturing a plurality of facialimages; and assigning a unique identifier based on each captured facialimage.
 3. The system of claim 1, wherein said security software carriesout the additional steps of, assigning timestamps to transactionsoccurring at each of said plurality of gambling terminals.
 4. The systemof claim 3, wherein said security software carries out the additionalsteps of, associating assigned timestamps to said identifiers assignedto captured facial images.
 5. The system of claim 1, wherein saidprinted voucher cannot be redeemed in automated redemption kiosks andmust be taken to a cashier's cage.
 6. The system of claim 1, whereinsaid security software transits a silent alarm to the casino network. 7.A system for the detection of money laundering activities within acasino environment including a host casino computer network, a cashierclient station running cashier client software in communication withsaid host casino computer network, and a plurality of gambling terminalseach running VLT client software in communication with said host casinocomputer network, the system comprising: an application service provider(ASP) running ASP security software; and a plurality of flash memorycards each configured for insertion in a corresponding gambling terminaland each containing security software comprising executable program codefor carrying out the steps of, identifying a transaction on one of saidgambling terminals by predetermined transaction type; monitoring saidtransaction on said gambling terminal; applying a predetermined rulesetconfigured for determining whether the monitored transaction complieswith a transaction profile associated with the identified transactiontype, and determining that the transaction does not comply; setting aflag indicating suspicious activity; and printing a voucher having aunique identifier, and transmitting that unique identifier to said hostcasino network security software; whereby said host casino networksecurity software prevents cash-out transactions to said voucher basedon said identifier and transmits an alert to said cashier clientstations to require positive identification and complete a suspiciousactivity report (SARC).
 8. The system of claim 7, wherein said securitysoftware carries out the additional steps of, capturing a plurality offacial images; and assigning a unique identifier based on each capturedfacial image
 9. The system of claim 7, wherein said security softwarecarries out the additional steps of, assigning timestamps totransactions occurring at each of said plurality of gambling terminals.10. The system of claim 9, wherein said security software carries outthe additional steps of, associating assigned timestamps to saididentifiers assigned to captured facial images.
 11. The system of claim7, wherein said printed voucher cannot be redeemed in automatedredemption kiosks and must be taken to a cashier's cage.
 12. The systemof claim 7, wherein said security software transits a silent alarm tothe casino network.
 13. A system for the detection of money launderingactivities involving casino slot machines and video lottery terminals,comprising: a host casino network running security software; anapplication service provider (ASP) running ASP security software; aplurality of slot machines and/or video lottery terminals each runningslot/VLT client software in communication with said ASP host casinosecurity software; a cashier's client station running software incommunication with said ASP security software and said host casinonetwork security software; a plurality of flash memory cards, eachconfigured for insertion in a corresponding slot machine or videolottery terminal and each containing security software comprisingexecutable program code for carrying out the step of applying apredetermined ruleset and determining whether a transaction is incompliance with a transaction profile associated with that transactiontype, and when not in compliance setting a flag indicating suspiciousactivity, printing a TITO voucher having a serial number/barcode, andtransmitting that TITO voucher serial number/barcode to said host casinonetwork security software, whereby said host casino network securitysoftware thereupon prevents cash-out transactions to said TITO voucherserial number/barcode and transmits an alert to cashiers to requirepositive identification and complete a Suspicious Activity Report(SARC).